Bump xmlhttprequest-ssl and socket.io-client in /src/tradelayer-web/ChannelsProofOfConcept

[dependabot[bot]]

Bumps xmlhttprequest-ssl to 1.6.3 and updates ancestor dependency socket.io-client. These dependencies need to be updated together.

Updates xmlhttprequest-ssl from 1.5.5 to 1.6.3

Commits

• 711bd4a Prepare release 1.6.3
• 4e8322f Merge pull request #8 from mrcarlberg/mjwwit_unescape_url_pathname_when_loadi...
• ee1e81f Fix CVE-2020-28502
• 6a0a91d Unescape pathname from url when loading from local filesystem
• bf53329 Fix issue where rejectUnauthorized would default to false instead of true
• ae38832 1.6.0
• 534b586 Remove superfluous + operator
• a9d93fb Replace deprecated sys.puts calls with console.log in tests
• efc39e9 Merge pull request #6 from wesgarland/master
• b9fedb0 pushed version to 1.5.6
• Additional commits viewable in compare view

Updates socket.io-client from 3.0.4 to 3.1.3

Release notes

Sourced from socket.io-client's releases.

3.1.3

Bug Fixes

• bundle: restore support for JS modules (afa7953)

Links:

• Diff: https://github.com/socketio/socket.io-client/compare/3.1.2...3.1.3
• Server release: -
• engine.io-client version: ~4.1.0
• ws version: ~7.4.2
• Build size
  • socket.io.min.js: 60.3 KB (=)
  • socket.io.msgpack.min.js: 61.3 KB (=)

3.1.2

Bug Fixes

• restore support for web workers (13b32b3)
• silently close the transport in the beforeunload hook (ed48b5d, from engine.io-client)

Links:

• Diff: https://github.com/socketio/socket.io-client/compare/3.1.1...3.1.2
• Server release: 3.1.2
• engine.io-client version: ~4.1.0
• ws version: ~7.4.2
• Build size
  • socket.io.min.js: 60.3 KB (+ 0.1 KB)
  • socket.io.msgpack.min.js: 61.3 KB

3.1.1

Bug Fixes

• include the path in the manager ID (7a0c2b5)
• remove polyfill for process in the bundle (61afc5d)
• typings: add return types and general-case overload signatures (#1440) (47f917a)
• typings: fix the type of the "query" option (#1439) (f02ab3b)

Links:

• Diff: https://github.com/socketio/socket.io-client/compare/3.1.0...3.1.1
• Server release: 3.1.1
• engine.io-client version: ~4.1.0
• ws version: ~7.4.2
• Build size
  • socket.io.min.js: 60.2 KB (+ 0.1 KB)
  • socket.io.msgpack.min.js: 61.3 KB (+ 0.1 KB)

... (truncated)

Changelog

Sourced from socket.io-client's changelog.

3.1.3 (2021-03-12)

Bug Fixes

• bundle: restore support for JS modules (afa7953)

4.0.0 (2021-03-10)

The major bump is due to some breaking changes on the server side.

Bug Fixes

• bundle: restore support for JS modules (43613d1)

Features

• add autoUnref option (6abfa1f)
• add support for typed events (5902365)

3.1.2 (2021-02-26)

Bug Fixes

• restore support for web workers (13b32b3)
• silently close the transport in the beforeunload hook (ed48b5d, from engine.io-client)

3.1.1 (2021-02-03)

Bug Fixes

• include the path in the manager ID (7a0c2b5)
• remove polyfill for process in the bundle (61afc5d)
• typings: add return types and general-case overload signatures (#1440) (47f917a)
• typings: fix the type of the "query" option (#1439) (f02ab3b)

3.1.0 (2021-01-15)

Bug Fixes

• typings: make Manager#opts public (#1437) (fe97243)

... (truncated)

Commits

• b574be7 chore(release): 3.1.3
• afa7953 fix(bundle): restore support for JS modules
• 78ec5a6 chore(release): 3.1.2
• 83a65be chore: bump engine.io-client version
• 13b32b3 fix: restore support for web workers
• 311c5d1 chore(release): 3.1.1
• 7a0c2b5 fix: include the path in the manager ID
• 61afc5d fix: remove polyfill for process in the bundle
• 47f917a fix(typings): add return types and general-case overload signatures (#1440)
• f02ab3b fix(typings): fix the type of the "query" option (#1439)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/BlockPo/BlockPo-to-Tradelayer/network/alerts).